Static task: static1
Behavioral task: behavioral1
Sample: 81cf15ac00f9177b951616a347ceb53c_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 81cf15ac00f9177b951616a347ceb53c_JaffaCakes118.exe
Resource: win10v2004-20240730-en
General
Target: 81cf15ac00f9177b951616a347ceb53c_JaffaCakes118
Size: 178KB
MD5: 81cf15ac00f9177b951616a347ceb53c
SHA1: 0c14b44b4e15a099870028746e5d71ee76db2223
SHA256: d496b24759667a1840f59a66c011146062f7c9c5400059f512da8088720afbf0
SHA512: fcb09e5e49e8ffd0c50c6c4a88bc79b49fc8071ace75b6e1e836cb8e5676f88521691468732e915f0c9b21c57c0113a3b8a0319efd77a257d8f58cf6d9652f03
SSDEEP: 3072:ejRmSjZLhZjsn6C+7fzRmPwRrc3FxfgWTe88pkMDsdjBLduUhwR1CzQhjygOkSpx:+RBZYa7fNpmxIfp3sdjBxopx2p
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 81cf15ac00f9177b951616a347ceb53c_JaffaCakes118
Files
81cf15ac00f9177b951616a347ceb53c_JaffaCakes118.exe windows:4 windows x86 arch:x86
01e97817378850d2ee60862d10224f3c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
ChangeServiceConfigA
DeleteService
FreeSid
GetTokenInformation
GetUserNameA
OpenServiceA
SetSecurityDescriptorDacl
StartServiceCtrlDispatcherA
UnlockServiceDatabase
kernel32
AddAtomA
CloseHandle
CopyFileA
CreateEventA
CreateFileA
CreateMutexA
DeleteCriticalSection
DeleteFileA
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
FreeLibrary
GetACP
GetCommandLineA
GetComputerNameA
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetFileAttributesA
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcessHeap
GetStdHandle
GetSystemDirectoryA
GetTempFileNameA
GetTempPathA
GetThreadTimes
GetTickCount
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
HeapCreate
HeapDestroy
HeapFree
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
IsValidCodePage
IsValidLocale
LCMapStringA
LoadLibraryExA
LocalAlloc
LocalFree
MapViewOfFile
Module32Next
MoveFileExA
MulDiv
MultiByteToWideChar
OutputDebugStringA
RaiseException
ReadFile
ReleaseMutex
ResetEvent
SearchPathA
SetCurrentDirectoryA
SetEvent
SetFileAttributesA
SetPriorityClass
SetStdHandle
SetUnhandledExceptionFilter
Sleep
SuspendThread
SystemTimeToFileTime
TlsSetValue
VirtualAlloc
VirtualProtect
VirtualQuery
WriteFile
lstrcpyA
lstrlenA
ole32
CreateBindCtx
IIDFromString
OleLoadFromStream
WriteClassStm
user32
CharNextA
CharUpperA
CreatePopupMenu
DialogBoxParamA
DrawFocusRect
ExitWindowsEx
FillRect
GetDlgItem
GetDlgItemTextA
GetSystemMenu
GetWindowDC
GetWindowLongA
IsWindow
LoadCursorA
LoadIconA
MessageBoxA
PostMessageA
PtInRect
RegisterWindowMessageA
SendMessageA
SetCursor
SetMenu
SetTimer
SetWindowTextA
SystemParametersInfoA
TranslateMessage
wsprintfA
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
Sections
CODE Size: 54KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
BSS Size: - Virtual size: 216KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CRT Size: 117KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ